fix: when crossDomain is using default the X-Requested-With header is no longer added incorrectly #6691
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -279,7 +279,20 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
| // Here we're pulling off each of the configuration arguments | ||
| // that we don't want to add to the request information we're | ||
| // passing around. | ||
|
There was a problem hiding this comment. Just realised this should move down? |
||
| const configWithDefaults = { | ||
| // Default values | ||
| async: true, | ||
| crossDomain: true, | ||
|
There was a problem hiding this comment. Moving this up here changes some of the conditional branches below, and therefor would (from what I can tell) result in a breaking change. Please see the changes to your PR in the new PR (linked in my other comment) Thanks! :) There was a problem hiding this comment. Hi @benlesh - Which conditionals does it change? I thought I checked and it will only change the crossDomain conditional to use the correct default. The default of crossDomain always has been true. Otherwise every single CORS request will default to sending a preflight which is a breaking change from v6. See here default in v6: https://github.com/ReactiveX/rxjs/blob/6.x/src/internal/observable/dom/AjaxObservable.ts#L163 There was a problem hiding this comment. Checking I can see only two parts of this used below: withCredentials and crossDomain. The former defaults false and so when it was undefined would mean no logic change so exact same behaviour. So the only impact is crossDomain, which as noted should default true not false to match v6 and behave as expected. |
||
| withCredentials: false, | ||
| method: 'GET', | ||
| timeout: 0, | ||
| responseType: 'json' as XMLHttpRequestResponseType, | ||
|
|
||
| // Override with passed user values | ||
| ...config, | ||
| }; | ||
|
|
||
| const { queryParams, body: configuredBody, headers: configuredHeaders, ...remainingConfig } = configWithDefaults; | ||
|
|
||
| let { url } = remainingConfig; | ||
| if (!url) { | ||
|
|
@@ -334,7 +347,7 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
| // None of this is necessary, it's only being set because it's "the thing libraries do" | ||
| // Starting back as far as JQuery, and continuing with other libraries such as Angular 1, | ||
| // Axios, et al. | ||
| if (!configWithDefaults.crossDomain && !('x-requested-with' in headers)) { | ||
|
There was a problem hiding this comment. Maybe to match the below conditional should use remainingConfig |
||
| headers['x-requested-with'] = 'XMLHttpRequest'; | ||
| } | ||
|
|
||
|
|
@@ -353,16 +366,8 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
| const body = extractContentTypeAndMaybeSerializeBody(configuredBody, headers); | ||
|
|
||
| const _request: AjaxRequest = { | ||
| // Take the final configuration | ||
| ...configWithDefaults, | ||
|
|
||
| // Set values we ensured above | ||
| url, | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This hopefully helps understand why I had to update many tests. It shows the bad behaviour in 4 lines -
crossDomainistruebut at the same time we were expecting the header that should never be sent whencrossDomainistrue